Kim Zetter

Hacking

Researchers Say They Uncovered Uzbekistan Hacking Operations Due to Spectacularly Bad OPSEC

A new threat actor Kaspersky calls SandCat, believed to be Uzbekistan’s intelligence agency, is so bad at operational security, researchers have found multiple zero-day exploits used by the group, and even caught malware the group was still developing.
Kim Zetter
10.3.19
Hacking

Thousands of Cloud Computing Servers Could Be Owned With 'Very Simple' Attack, Researchers Say

Researches at Skylight Cyber found a vulnerability in OnApp's cloud computing management platform that could potentially have given attackers root access to thousands of servers.
Kim Zetter
9.26.19
Hacking

Exclusive: Critical U.S. Election Systems Have Been Left Exposed Online Despite Official Denials

The top voting machine company in the country insists that its election systems are never connected to the internet. But researchers found 35 of the systems have been connected to the internet for months and possibly years, including in some swing states.
Kim Zetter
8.8.19
Hacking

Researchers Easily Trick Cylance's AI-Based Antivirus Into Thinking Malware Is 'Goodware'

By taking strings from an online gaming program and appending them to malicious files, researchers were able to trick Cylance’s AI-based antivirus engine into thinking programs like WannaCry and other malware are benign.
Kim Zetter
7.18.19
Hacking

Researchers Uncover New Version of the Infamous Flame Malware

They also found evidence that Stuxnet has ties to another malware family. The discoveries were made using tools and techniques only available to researchers in recent years.
Kim Zetter
4.9.19
supply chain

Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers

The Taiwan-based tech giant ASUS is believed to have pushed the malware to hundreds of thousands of customers through its trusted automatic software update tool after attackers compromised the company’s server and used it to push the malware to machines.
Kim Zetter
3.25.19
Election Security

DARPA Is Building a $10 Million, Open Source, Secure Voting System

The system will be fully open source and designed with newly developed secure hardware to make the system not only impervious to certain kinds of hacking, but also allow voters to verify that their votes were recorded accurately.
Kim Zetter
3.14.19
evoting

Researchers Find Critical Backdoor in Swiss Online Voting System

Researchers have found a severe issue in the new Swiss internet voting system that they say would let someone alter votes undetected. They say it should put a halt to Switzerland’s plan to roll out the system in real elections this year.
Kim Zetter
3.12.19
Election Security

Experts Find Serious Problems With Switzerland's Online Voting System Before Public Penetration Test Even Begins

The public penetration test doesn’t begin until next week, but experts who examined leaked code for the Swiss internet voting system say it’s poorly designed and makes it difficult to audit the code for security and configure it to operate securely.
Kim Zetter
2.21.19
privacy

Apple's Security Expert Joined the ACLU to Tackle 'Authoritarian Fever'

Apple security expert Jon Callas, who helped build protection for billions of computers and smartphones against criminal hackers and government surveillance, is now taking on government and corporate spying in the policy realm.
Kim Zetter
1.22.19
Election Security

Voting Machine Manual Instructed Election Officials to Use Weak Passwords

A vendor manual for voting machines used in about ten states shows the vendor instructed customers to use trivial, easy to crack passwords and to re-use the passwords when changing log-in credentials.
Kim Zetter
11.5.18
Election Hacking

Texas Voting Machines Have Been ‘a Known Problem’ for a Decade

The voting machines and their software—not voters—are to blame for votes switching from Beto O'Rourke to Ted Cruz (and vice versa), an expert told Motherboard.
Kim Zetter
10.30.18
0103